When: Tuesday Session IV, Nov 8, 2022, 16:30 - 17:30 UTC
Where: Kensington 2 & Meetecho
Chairs: Mirja Kühlewind, Mallory Knodel
Slides: Intro
Internet Threat Model (model-t) Program
Evolvability, Deployability, & Maintainability (EDM) Program
Slides: Liaison Relationship: IETF and IEEE 802
Juan Carlos Zuniga: I want to make a comment about an example of the
coordination. We've been talking about IEEE 802 numbering, and we'll
have some discussions about this at INTAREA this week, and we'll discuss
how to best coordinate the IANA registry.
Russ Housley: Another example of this is the work on YANG modules.
Barry Leiba: How long has the coordination been going on?
Russ Housley: There have been 30-something meetings [since 2012].
Phillip Hallam-Baker: If. group is not delivering a specification for
the end-users of the Internet that is actually usable, I think we should
not be too deferential.
Russ Housley: There are some examples where we have done that after
coordination, like the CAPPORT group. I would discourage just grabbing a
space without talking, so that you know when you're grabbing a
particular piece of the problem. When we surprise people is when things
get ugly.
Slides: M-TEN Workshop Recap
Slides: Partitioning as an Architecture for Privacy
Vittorio Bertola: I think this is an important discussion, but depending
on how it is deployed and designed, it might promote more
centralization. If you just create something that is so hard to deploy
that only three companies can do it--I just wanted to flag the issue.
Tommy Pauly: That is exactly the kind of commentary that belongs in the
doc; just because you are partitioning data doesn't always mean that is
the right thing to do.
Slides: OONI Censorship Methods in Iran
Slides: Iran's Mahsa Amini Revolution: Protest Crises and the Role of
Technology
Phillip Hallam-Baker: I would like know all of your requirements in
depth, as much information as possible. I think in terms of the
standards process, we have to think in terms of two buckets. Everything
we do will be to avoid circumvention. I think we need to think of two
tracks. One on developing cryptographic security technologies, and one
on steganographic technologies.
Piers O'Hanlon: I think TOR wasn't explictly mentioned, but it seems
like a place it would be traditionally used. There are certain
techniques that have been blocked, but as you say, it's a continual
battle.
Lars Eggert: First, thank you both for the great talks. Phillip said
some interesting things. There is a role for the IETF or IRTF here, but
it's not really standardizing anything. Trying to learn about weaknesses
in the blocking technology, playing with the headers and packet traces,
and it's an arms race. These evasions techniques, building witht the
people who understand the protocols, is great.
Mallory Knodel: There is a draft in PEARG. I think we do have examples
of work IETF does in standardizing frameworks in which people work, and
I would say that the work the community has done, the folks who are
trying to keep the Internet on for everyone around the world, and the
folks who are building tools to respond to the thing you've all
identified, which is that it's a moving target. Pluggable transports.
Something like TOR might not work, but something on top of it might make
it harder for your traffic to be seen. I think it would be great to
figure out how to bring that community to the IETF more often so they
can get that critical feedback from those of you who are developing
whole protocols. Thanks so much for coming and for your feedback, and I
think we're closing out the meeting now. Thanks.